<? 
/* place any include files below */ 
include_once("../include/session.php");
include_once("../include/dbConnect.php");
include_once("../include/class/FileUpload.class.php");
/* checking if this file can't be accessed directly */ 
if(ereg("profilProcess",$_SERVER['PHP_SELF'])) exit();
/* receive post variable */ 
$action=$_POST["action"];
$id=$_POST["id"];
/* if action is add new */ 
if($action=="new"){
/* check if record is duplicated */ 
	 $id=trim($_POST["profil_id"]);
	 $query_check=mysql_query("SELECT profil_id FROM profil WHERE profil_id='$id'");
	 if(mysql_num_rows($query_check)){ 
	 	 echo "<script>alert('save failed because record is duplicated!')</script>";
	 	 exit();
	 } 
	 $profil_jabatan=strip_tags(trim(nl2br($_POST['profil_jabatan'])));
	 $profil_nama=strip_tags(trim(nl2br($_POST['profil_nama'])));
	 $profil_tempatlahir=strip_tags(trim(nl2br($_POST['profil_tempatlahir'])));
	 $profil_tgllahir=strip_tags(trim(nl2br($_POST['profil_tgllahir'])));
	 $profil_alamat=strip_tags(trim(nl2br($_POST['profil_alamat'])));
	 $profil_email=strip_tags(trim(nl2br($_POST['profil_email'])));
	 $profil_homepage=strip_tags(trim(nl2br($_POST['profil_homepage'])));
	 $profil_ket=strip_tags(trim(nl2br($_POST['profil_ket'])));
	 $profil_photo=strip_tags(trim(nl2br("images/img_prof/".$_FILES['profil_photo']['name'])));
	 $profil_status=strip_tags(trim(nl2br($_POST['profil_status'])));
	 copy($_FILES['profil_photo']['tmp_name'],"../../".$profil_photo);
	 $sql="INSERT INTO profil(profil_jabatan,
 	 	   profil_nama,
 	 	   profil_tempatlahir,
 	 	   profil_tgllahir,
 	 	   profil_alamat,
 	 	   profil_email,
 	 	   profil_homepage,
 	 	   profil_ket,
 	 	   profil_photo,profil_status)
	 	   VALUES('".$profil_jabatan."', 
 	 	  '".$profil_nama."', 
 	 	  '".$profil_tempatlahir."', 
 	 	  '".$profil_tgllahir."', 
 	 	  '".$profil_alamat."', 
 	 	  '".$profil_email."', 
 	 	  '".$profil_homepage."', 
 	 	  '".$profil_ket."', 
 	 	  '".$profil_photo."','".$profil_status."' )";
	 	 $result=mysql_query($sql);
/* caught exception of result */ 
	 if($result){
	 	 echo "<script>alert('new record added')</script>";
	 }else{
	 	 echo "<script>alert('record save failed')</script>";
	 } 
}
/* if action is edit */ 
 else if($action=="edit"){
	 $id=$_POST['profil_id'];
	 $profil_jabatan=strip_tags(trim(nl2br($_POST['profil_jabatan'])));
	 $profil_nama=strip_tags(trim(nl2br($_POST['profil_nama'])));
	 $profil_tempatlahir=strip_tags(trim(nl2br($_POST['profil_tempatlahir'])));
	 $profil_tgllahir=strip_tags(trim(nl2br($_POST['profil_tgllahir'])));
	 $profil_alamat=strip_tags(trim(nl2br($_POST['profil_alamat'])));
	 $profil_email=strip_tags(trim(nl2br($_POST['profil_email'])));
	 $profil_homepage=strip_tags(trim(nl2br($_POST['profil_homepage'])));
	 $profil_ket=strip_tags(trim(nl2br($_POST['profil_ket'])));
	 $profil_photo=strip_tags(trim(nl2br("images/img_prof/".$_FILES['profil_photo']['name'])));
	 $profil_status=strip_tags(trim(nl2br($_POST['profil_status'])));
 	 copy($_FILES['profil_photo']['tmp_name'],"../../".$profil_photo);
	 $sql="UPDATE profil SET 
 	 	  profil_jabatan='".$profil_jabatan."',
 	 	  profil_nama='".$profil_nama."',
 	 	  profil_tempatlahir='".$profil_tempatlahir."',
 	 	  profil_tgllahir='".$profil_tgllahir."',
 	 	  profil_alamat='".$profil_alamat."',
 	 	  profil_email='".$profil_email."',
 	 	  profil_homepage='".$profil_homepage."',
 	 	  profil_ket='".$profil_ket."',
 	 	  profil_photo='".$profil_photo."',
 	 	  profil_status='".$profil_status."'
 	 	  WHERE profil_id='$id'"; 
	 $result=mysql_query($sql); 
/* caught exception of result */ 
	 if($result){ 
	 	 echo "<script>alert('record updated')</script>"; 
	 }else{
	 	 echo "<script>alert('record save failed')</script>";
	 }
}
/* if action is delete */ 
 else if($action=="delete")
{
	 $sql="Delete from profil WHERE profil_id='$id'";
	 $result=mysql_query($sql);
	 if($result){
	 	 echo "<script>alert('record deleted')</script>";
	 }else{
	 	 echo "<script>alert('record deleted failed')</script>";
	 }
}
?> 
